<?php
if(!defined('FROM_INDEX'))exit('Invalid request');

require_once ROOT_PATH.'include/sql/class_db.php';

function session_init($sid='')
{
	$session['sid'] = ($sid) ? $sid : random(6);
	$session['uid'] = '-1';
	$session['user_name'] = 'guest';
	$session['group_id'] = '-1';
	
	$session['ip'] = client_ip();
	$session['last_activity'] = time();
	
	return $session;
}

function session_set_id($sid='')
{
	if(!$sid)
	{
		cookie_set('sid', $sid);
	}
	else
	{
		$cookie_sid = cookie_get('sid');
		
		$sid=(isset($_GET['sid']) || isset($_POST['sid'])) ?
				(isset($_GET['sid']) ? $_GET['sid'] : $_POST['sid']) :
				($cookie_sid ? $cookie_sid : '');
				
		if(!$sid)
		{
			$sid = random(6);
		}
		
		cookie_set('sid', $sid);
	}
	return $sid;
}

function session_get($sid)
{
	$table_prefix = TABLE_PREFIX;
	
	$time = time() - 900;
	
	$sql = "
	select 
		sid, uid, user_name, group_id, 
		CONCAT(ip1,ip2,ip3,ip4) as ip, 
		last_activity 
	from 
		{$table_prefix}sessions 
	where 
		sid = '$sid'
		and last_activity > {$time}";
	
	$session = DBFunction::getInstance()->getRow($sql);
	
	return check_array($session) ? $session : false;
}

function session_update($session)
{
	$online_hold = 900; // 15 minutes
	$online_span = 5; // 5 minutes
	$timestamp = time();
	
	if(!isset($session['sid']))
	{
		$session = session_init();
	}
	
	$sid = $session['sid'];
	$uid = $session['uid'];
	$user_name = $uid > 0 ? $session['user_name'] : "guest";
	$group_id = (int)$session['group_id'];
	
	$table_prefix = TABLE_PREFIX;

	// Update online time - in minutes
	if($uid > 0 && $online_span && ($timestamp - $session['last_activity']) > $online_span*60)
	{
		$sql = "
		UPDATE {$table_prefix}online_time
		SET
			this_month = thismonth + {$online_span},
			total = total + {$online_span},
			last_activity = {$timestamp}
		WHERE
			uid = ".$uid."
			AND last_activity <= '".($timestamp - $online_span*60)."'";
		$result = DBFunction::getInstance()->execute($sql);
		
		if(!$result)
		{
			$sql = "
			INSERT INTO {$table_prefix}online_time
				(this_month, total, last_activity, uid)
			values
				({$online_span}, {$online_span}, {$timestamp}, ".$uid.")";
			DBFunction::getInstance()->execute($sql);
		}
	}
		
	if(cookie_get('sid') == '' || $session['sid'] != cookie_get('sid'))
	{
		session_set_id($session['sid']);
	}

	if(session_get($sid))
	{
		$sql = "
		UPDATE 
			{$table_prefix}sessions 
		SET 
			uid='$uid', user_name='$user_name', group_id='$group_id', last_activity='$timestamp'
		WHERE sid='{$sid}'";
		DBFunction::getInstance()->execute($sql);
	}
	else
	{
		$ip = $session['ip'];
		$ips = explode('.', $ip);
		
		// Clear sessions which expires
		$sql = "
		DELETE FROM {$table_prefix}sessions
		WHERE
			sid='{$sid}'
			OR last_activity<($timestamp - $online_hold)
			OR ('".$uid."'>'0' AND uid='".$uid."')";
		DBFunction::getInstance()->execute($sql);

		$sql = "
		INSERT INTO {$table_prefix}sessions
			(sid, ip1, ip2, ip3, ip4, 
				uid, user_name, group_id, last_activity)
		VALUES
			('{$sid}', '$ips[0]', '$ips[1]', '$ips[2]', '$ips[3]', 
				'$uid', '$user_name', '$group_id', '$timestamp')";
		DBFunction::getInstance()->execute($sql);

		if($uid > 0 && ($timestamp - $session['last_activity']) > 21600)
		{
			$sql = "
			UPDATE
				{$table_prefix}user
			SET
				last_ip = '$ip',
				last_activity = '$timestamp'
			WHERE
				`id` = '$uid'";
			DBFunction::getInstance()->execute($sql);
		}
	}
	return true;
}
